Cybersecurity Risk & Compliance

The Place To Find & Fix Your Cybersecurity Risks

CyberRx’s powerful cybersecurity risk and compliance software tool helps companies assess, mitigate and manage their cybersecurity risks and assures third-party compliance. Our assessment methodology is based on the NIST Cybersecurity Framework and other industry standards, so companies will be checking against the most recent standards and regulations.

Level 1 - Self-Assessment

  • Annual self-assessments are facilitated by a CyberRx cybersecurity Subject Matter Expert using the NIST Cybersecurity Framework (CSF) methodology and the CyberRx software platform to assess an organization’s cybersecurity risks, vulnerabilities, and capabilities against the CSF controls.
  • CyberRx’s L1 readiness certificate can be used for C-Suite and Board reporting and certain external reporting requirements.

Level 2 - Verified Assessment

  • Verified assessments are conducted by CyberRx cybersecurity Subject Matter Experts to provide an independent review and random testing of an organization’s self-assessment against the CSF controls.
  • CyberRx’s L2 readiness certificate can be used for C-Suite, Board, and certain third-party reporting.

Level 3 - Audited Assessment

  • Audited assessments are conducted by CyberRx cybersecurity Subject Matter Experts using the NIST CSF controls to provide independent review and verification of artifacts that support an organization’s self-assessment.
  • CyberRx’s L3 readiness certificate can be used for C-Suite, Board, and third-party reporting.

Level 4 - Comprehensive Risk Assessment

  • A comprehensive risk assessment is conducted by CyberRx cybersecurity Subject Matter Experts using the NIST CSF methodology and NIST 800-30 Rev 1 – Guide for Conducting Risk Assessment. Involves on-site interviews, documentation reviews and system testing of all applicable CSF controls as well as internal and external penetration testing.
  • CyberRx’s L4 readiness certificate can be used for C-Suite, Board, and third-party reporting.
  • Policies

    Build smart policies that set expectations for acceptable behavior of company assets with employees, vendors, and business partners.

  • Compliance

    Quickly respond to audits, compliance reviews, and other cybersecurity reporting requirements.

  • Standards & Professional Practices

    Align with the NIST sponsored cybersecurity framework, NIST 800-53 Rev. 4, HIPPA security controls, FFIEC, and other industry standards.